How to Secure Your Website
How to Ensure the Security of Your Web Site Using a script that you use on your web site, you can access the area where your files are and make changes to your files if you have not taken the necessary precautions.
We recommend that you review the following steps to avoid such problems.
Do not unnecessarily increase the chmod values of your files; All files chmod value 404 All the folders chmod value is 505. For a file on which data should be entered by the server, simply set chmod to 604 and folders to chmod to 705.
The value of 777 given by many users is very risky and unnecessary in terms of security. The file or folder with a chmod value of 777 is authorized to write, read, and modify all clients on the server. The chmod value of your config and .htaccess files is 404. Advantages: No one can change your files Disadvantages: When you want to edit your files you need to change chmod values.
Once the change is complete, you can restore it. This will take up to 5 minutes. But security is much more important. Why Chmod is so important: Hackers want to upload some files to take control of your site (send spam or change your files, etc.). They want to capture the vulnerability to send a file to your site. If there is a security vulnerability on your site, the hacker can access your site, but cannot take any action since it does not have the right to write to files and folders. The attack does not take place.
Secure your passwords
Secure your passwords; A good password must be a combination of letters and numbers. Using lowercase letters will increase the strength of your password. Be especially careful not to use a single password in many places. Make sure your FTP, MySQL and Control Panel passwords are not the same. If your MySQL password is compromised for any reason, you will prevent access to your Control Panel.
Create a .htaccess file under your site’s home directory (public_html on servers with directadmin control panel). With this file we can perform many prohibitions; ** Important Note: We recommend that you go step by step while performing these operations. Add a code to your .htaccess file, try to access your site, and if there is no problem, go to the next step. Remove the line of code that failed, and continue adding from the other lines. All of these procedures are recommended. We do not have any responsibility for the stability issues that may occur on your site due to the codes. * Do not use scripts that want the register global value to be “on”. Turn off the register global value for your site; The line you should include in your .htaccess file;php_flag register_globals 0 php_flag register_globals off * Block automatic spiders that scan your site’s content by hackers. This will prevent nearly 350 harmful spiders from crawling your site; Just add the following content to your .htaccess file.
Sorry, comments are closed for this item.